TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / tf-m-tools / 1709b14264daeae8b0e71daf17006448b0c68642 / . / iat-verifier / scripts / decompile_token
blob: b64fa5994517477b5786901a6f3df7ed19e5c0e4 [file] [log] [blame]
Mate Toth-Pal51b61982022-03-17 14:19:30 +0100[diff] [blame]1#!/usr/bin/env python3
2#-------------------------------------------------------------------------------
3# Copyright (c) 2019-2022, Arm Limited. All rights reserved.
4#
5# SPDX-License-Identifier: BSD-3-Clause
6#
7#-------------------------------------------------------------------------------
8
Mate Toth-Palb9057ff2022-04-29 16:03:21 +0200[diff] [blame]9"""CLI script for decompiling a cbor formatted IAT file"""
10
Mate Toth-Pal51b61982022-03-17 14:19:30 +0100[diff] [blame]11import argparse
Mate Toth-Palb9057ff2022-04-29 16:03:21 +0200[diff] [blame]12import logging
Mate Toth-Pal51b61982022-03-17 14:19:30 +0100[diff] [blame]13import sys
14
15import yaml
Mate Toth-Pal51b61982022-03-17 14:19:30 +0100[diff] [blame]16from iatverifier.psa_iot_profile1_token_verifier import PSAIoTProfile1TokenVerifier
Mate Toth-Palb9057ff2022-04-29 16:03:21 +0200[diff] [blame]17from iatverifier.attest_token_verifier import AttestationTokenVerifier
Mate Toth-Pal51b61982022-03-17 14:19:30 +0100[diff] [blame]18
19
20if __name__ == '__main__':
Mate Toth-Palb9057ff2022-04-29 16:03:21 +0200[diff] [blame]21 logging.basicConfig(level=logging.INFO)
Mate Toth-Pal6978f7c2022-03-30 14:38:55 +0200[diff] [blame]22
23 token_verifiers = {
24 "PSA-IoT-Profile1-token": PSAIoTProfile1TokenVerifier,
25 }
26
Mate Toth-Pal51b61982022-03-17 14:19:30 +0100[diff] [blame]27 parser = argparse.ArgumentParser()
28 parser.add_argument('source', help='A compiled COSE IAT token.')
29 parser.add_argument('-o', '--outfile',
30 help='''Output file for the depompiled claims. If this is not
31 specified, the claims will be written to standard output.''')
Mate Toth-Pal6978f7c2022-03-30 14:38:55 +0200[diff] [blame]32 parser.add_argument('-t', '--token-type',
33 help='''The type of the Token.''',
34 choices=token_verifiers.keys(),
35 required=True)
Mate Toth-Pal51b61982022-03-17 14:19:30 +0100[diff] [blame]36 args = parser.parse_args()
37
Mate Toth-Palb9057ff2022-04-29 16:03:21 +0200[diff] [blame]38 verifier_class = token_verifiers[args.token_type]
39 if verifier_class == PSAIoTProfile1TokenVerifier:
40 verifier = PSAIoTProfile1TokenVerifier(
41 method=AttestationTokenVerifier.SIGN_METHOD_SIGN1,
42 cose_alg=AttestationTokenVerifier.COSE_ALG_ES256,
43 signing_key=None, configuration=None)
44 else:
45 logging.error(f'Invalid token type:{verifier_class}\n\t')
46 sys.exit(1)
Mate Toth-Pal51b61982022-03-17 14:19:30 +0100[diff] [blame]47 with open(args.source, 'rb') as fh:
Mate Toth-Palb9057ff2022-04-29 16:03:21 +0200[diff] [blame]48 token_map = verifier.parse_token(
49 token=fh.read(),
50 verify=False,
51 check_p_header=False,
52 lower_case_key=True)
Mate Toth-Pal51b61982022-03-17 14:19:30 +0100[diff] [blame]53
54 if args.outfile:
Mate Toth-Palb9057ff2022-04-29 16:03:21 +0200[diff] [blame]55 with open(args.outfile, 'w', encoding="UTF-8") as wfh:
Mate Toth-Pal51b61982022-03-17 14:19:30 +0100[diff] [blame]56 yaml.dump(token_map, wfh)
57 else:
58 yaml.dump(token_map, sys.stdout)